Enhancements to network security within organizations have made it harder for threat actors to penetrate networks and systems. As a result, people have become the primary target for cyberattacks, with email providing the most effective mechanism for launching these attacks. This leads to all employees within an organization being frequently targeted by phishing attacks.
A phishing campaign is using hyperlinked images in order to trick users into visiting malicious sites, according to Jeremy Fuchs at Avanan. The emails contain images that offer gift cards or promotions for Delta or Kohls. “Obfuscation is a gift to hackers,” Fuchs says. “It allows them to pull off a magic trick. It works by hiding the true intent of their message. In this case, it’s a picture. The picture is meant to entice the user to click.
Today, the FBI alerted warned against a new even more disgusting type of sextortion. Previously, these schemes involved coerced or stolen digital material, but now some criminals are using technology to create explicit content from innocent images or videos found online. This information comes from today's alert by the FBI's Internet Crime Complaint Center (IC3).
If a scammer knows your email address, you should be extra-vigilant about phishing, and secure all your accounts with strong passwords and Multi-Factor Authentication (MFA). If you suspect a scammer has gained access to your email account, you should take steps with your email provider to secure your account and let all your contacts know you have been hacked. Read on to learn more details about what a scammer can do with your email address and how to protect your account.
Cybercrime continues to rise — the 2022 Internet Crime Report produced by the FBI's Internet Crime Complaint Center (IC3) revealed that the number of complaints it receives annually has more than doubled since 2018. The potential loss from cybercrime has also grown significantly – between 2021 and 2022, it rose from $6.9bn to $10.2bn.
According to independent research conducted for the Egress Data Loss Prevention Report, 85% of employees are sending more emails than ever before and 80% of are using email to share sensitive data with clients and colleagues. To ensure users can be productive, Microsoft has continued to evolve Outlook to provide a richer and more integrated email experience for end users, adding functionality like autocomplete, clutter, and message access via the reading pane.
Threat actors are using encoded phishing links to evade security filters, according to Jeremy Fuchs at Avanan. The phishing emails purport to be notifications from McAfee informing the user that they need to renew their subscription. “This is a fairly standard McAfee subscription scam,” Fuchs says. “We see these all the time and they’ve been floating around the Internet for some time. But that’s not what makes this attack unique.
Egress, a cybersecurity company that provides intelligent email security, recently released their Email Security Risk Report 2023. It's solid research that shows 99% of cybersecurity leaders are stressed about their email security with good reason. The numbers are scary. We mentioned their report a few weeks ago, but there are many important findings there.
Verizon has renewed its warnings to customers about the threat of smishing, a social engineering approach that relies upon texts as opposed to other communication channels like the email used in phishing. The smishing problem may be smaller than the phishing problem, or the robocall nuisance, but it represents a comparable threat that organizations should address in their risk management process.
